| 摘要 |
<p>A telecommunications security module (UICC, smart card, SIM), provisioned with one or more unique master keys, and one or more number generating algorithms, the module comprising means for receiving a derivation value (SEED) from one of a plurality of trusted parties, storing the derivation value, generating an identification number (Ki) using the number generating means, a card number and a root key, wherein the id number (Ki) generated is suitable for use in a telecommunications network. Thus, there is provided a smart card management scheme that combines key derivation with over the air (OTA) provisioning which is used to facilitate a change in network authentication key (Ki) for use by a smart card (SIM) during authentication on a cellular telecommunications network. This scheme ensures both that the Ki is never transmitted OTA and that the Ki is stored in two locations only: on the SIM and at an authentication centre (AuC).</p> |
